<?
require_once("include.php");

$me=false;
require_once("header.session.php");
require_once("header.gui.php");
require_once("header.misc.php");
require_once("header.admin.php");

if(isset($_POST['action'])) {
	switch($_POST['action']) {
		case "mknewuser":
			$newid=mkNewUser($_POST['firstname'],$_POST['lastname']);
			$user = &new Person($newid);
			$user->addToGroup("All");
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $newid);
			die;
			break;
		case "edituser":
			$user = &new Person($_POST['uid']);
			$user->changeName($_POST['firstname'],$_POST['lastname']);
			$user->changeUsername($_POST['username']);
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "disable":
			if($_POST['uid']!=2) {
				$user = &new Person($_POST['uid']);
				$user->disableAccount();
			}
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "enable":
			$user = &new Person($_POST['uid']);
			$user->enableAccount();
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "changepassword":
			$user = &new Person($_POST['uid']);
			$user->changePassword($_POST['newpassword']);
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "addtogroup":
			$user = &new Person($_POST['uid']);
			$user->addToGroup($_POST['group']);
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "removefromgroup":
			$user = &new Person($_POST['uid']);
			$user->removeFromGroup($_POST['group']);
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "changeaccess":
			$group=new Person($_POST['uid']);
			$group->changeAccess($_POST['page'],$_POST['access']);
			header("location: " . $_SERVER['PHP_SELF'] . "?action=edituser&uid=" . $_POST['uid']);
			die;
			break;
		case "deleteyes":
			deleteUser($_POST['uid']);
			header("location: " . $_SERVER['PHP_SELF']);
			die;
			break;
		default:
			customError("An error involving post data (action) has happened");
			break;
	}
}
if(isset($_POST['newuser'])) {
	$newid=mkNewUser($_POST['firstname'],$_POST['lastname']);
	header("location: " . $_SERVER['PHP_SELF'] . "?action=edit&uid=" . $newid);
	die;
}
//globals
$MenuObjects= $me->getMyMenu();
if(isset($_GET['uid'])) {
	if(!is_numeric($_GET['uid'])) {
		$_GET['action']="invaliduid";
	}
}
if(!isset($_GET['action'])) {
		$_GET['action']="main";
}
if(!$me) {
	$me=&new Person($_SESSION['id']);
}

function Headers() {
	
}
function Body() {
	echo "Here you can manage all of the users in WIMON...<br>\n";
	switch($_GET['action']) {
		case "edituser":
			$user = &new Person($_GET['uid']);
			include("editUser.html");
			echo "<a href=\"" . $_SERVER['PHP_SELF'] . "\">&lt;-Back</a>";
			break;
		case "mknewuser":
			echo "\n" .
			"<form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n" .
			"<input type=\"hidden\" name=\"action\" value=\"mknewuser\">\n" . 
			"<input type=\"text\" name=\"firstname\" value=\"First Name\">\n" .
			"<input type=\"text\" name=\"lastname\" value=\"lastname\"\n" .
			"<br><input type=\"submit\" value=\"Create New User\" name=\"newuser\">\n" .
			"</form><br>\n" .
			"";
			echo "<a href=\"" . $_SERVER['PHP_SELF'] . "\">&lt;-Back</a>";
			break;
		case "delete":
			if(!is_numeric($_GET['uid'])) {
				header("location: " . $_SERVER['PHP_SELF']);
				die;
			}
			echo "\n" .
			"<form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n" .
			"<input type=\"hidden\" name=\"action\" value=\"deleteyes\">\n" . 
			"<input type=\"hidden\" name=\"uid\" value=\"" . $_GET['uid'] . "\">\n" . 
			"<br>Are you absolutely sure you want to delete this user?\n" .
			"<br>All of this users data, including their assessments, ilps, exhibitions, attendance records, and all other records of this students exsistance within the context of WIMON will be perminantly deleted without any possible way of recovery.\n" .
			"<br>The only reason this feature exists is so that you can delete accedental duplicates, simply disable the account if the student no longer attends the school so that his/her information is kept... Just in case...\n" .
			"<br><br><br>Seriously.<br><br>\n" .
			"<br><a href=\"" . $_SERVER['PHP_SELF'] . "\">Last chance to go back, upon clicking delete there is no turning back!!!!!</a>\n" .
			"<br><input type=\"submit\" value=\"DELETE THIS USER\">\n" .
			"</form><br>\n" .
			"";
			break;
		default:
			echo "Click create new user or select a student from the list below and then choose an action.\n" .
			"<br><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"get\">\n" .
			"<input type=\"submit\" value=\"Create New User\">\n" . 
			"<input type=\"hidden\" value=\"mknewuser\" name=\"action\">\n" . 
			"</form>" .
			
			"<br><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"get\">\n" .
			"<select name=\"uid\">\n" .
			"<option id=\"0\"> - Select A User - </option>\n";
			$users=getUserList("",1);
			foreach($users as $user) {
				echo "<option value=\"" . $user['people_id'] . "\">" . stripslashes($user['people_firstname']) . " " . stripslashes($user['people_lastname']) . "</option>\n";
			}
			echo "</select>\n" .
			"<input type=\"hidden\" name=\"action\" value=\"edituser\">\n" .
			"<input type=\"submit\" value=\"Edit User\">\n" .
			"</form>\n" .
			
			"";

			break;
	}
}


include("template.php");